A systematic analysis of identifying assets, and assessing and documenting the security risks associated with those assets exposed via software. The threat modeling process involves an understanding of the goals of an adversary in attacking a system based on the systems assets of interest. The scope of the threat model is defined by the scope of functionality of software being modeled.